Security Automation for HR Authorizations
AUTHORIZATIONS FOR BATCH PROCESSING IN THE SAP NETWEAVER AND S/4HANA ENVIRONMENT
The advantage of this feature is that administrators can parse failed permission checks regardless of end users. End users can save their unsuccessful checks to the database using the Save ( ) button. As an administrator, you can also back up failed permission checks from other users. The Saved Checks button also gives you access to this information afterwards. The automatic storage carried out when the old transaction SU53 was called is omitted because it overwrote the last recording. You can also load the results into an Excel file to allow a more comfortable evaluation.
If you still have problems with the performance of the evaluation, despite the regular archiving and indexing of the modification documents of your user and permission management, this is probably due to the amount of central change documents. In this case, you also need an archiving concept for other key change document data. SAPHinweis 1257133 describes the procedure for creating such a concept.
Configure Security Audit Log
Customising the organisational criteria is cross-client. Activation of the organisational criteria depends on the client. If you want to use these permissions in different clients, you must activate the respective organisational criteria for the respective client. Now you can use the organisational criterion in your PFCG role. To do this, enter the S_TABU_LIN authorization object with the organisational criterion you created. Assign the respective attributes with the organisational values for which the user should be entitled. Along with the individual values, you can specify intervals for your organisational criterion so that you can assign permissions to users for multiple organisational values.
The freeware Scribble Papers is a "note box" in which all kinds of data can be stored. It takes in typed texts as well as graphics and entire documents. The data is then organised in folders and pages.
For each form of automated derivative of roles, you should first define an organisational matrix that maps the organisational requirements. To do this, you must provide data on each organisation in a structured form.
For the assignment of existing roles, regular authorization workflows require a certain minimum of turnaround time, and not every approver is available at every go-live. With "Shortcut for SAP systems" you have options to assign urgently needed authorizations anyway and to additionally secure your go-live.
If you no longer need old audit results, you can archive or delete them with the transaction SAIS via the button (Administration of the Audit Environment).
This is the only way to ensure that processes are mapped securely and completely correctly from a technical point of view.